IETF Logo Mail Archive

Re: [tsvwg] Rregarding soft-state and UDP options

Tom Herbert <tom@herbertland.com> Fri, 03 January 2020 21:14 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9098B120099 for <tsvwg@ietfa.amsl.com>; Fri, 3 Jan 2020 13:14:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JRqLIQJhLWTL for <tsvwg@ietfa.amsl.com>; Fri, 3 Jan 2020 13:14:07 -0800 (PST)
Received: from mail-ed1-x541.google.com (mail-ed1-x541.google.com [IPv6:2a00:1450:4864:20::541]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 91179120045 for <tsvwg@ietf.org>; Fri, 3 Jan 2020 13:14:06 -0800 (PST)
Received: by mail-ed1-x541.google.com with SMTP id cy15so42685925edb.4 for <tsvwg@ietf.org>; Fri, 03 Jan 2020 13:14:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=H4ljsj7QNV4egZkwUrRmt1QyDnsifwmzoA073tp35QM=; b=j/psY07rljfqWWIqFbQlJkDnAYtKHsJZO77FPQwGs6DyMCK/Z8Nu335OWKp0447Cx2 jYK/ok7TZxVgeSRnAp0OZbzq3LrweW6+gzzgMKysocmvoLR7+Zpg8RhgDA9FF6A3glnu 99kvO5L5zDglblI4MdkNegYu/S3nthMYnjPjyUImqvj14jzQivYxvAvUr5RJi/YDvfwt z4W4OYNmMAKLf5JaCdt0zjwd0YWNvVxqBdZLnSB/pZWr9YKL6ToEBCiu8beTsdzQoCQx PhlEEE1ZTbkmbQBMBL98lgTRpMlNFdnSO/CSPtVjhHmMo92+ckXX/BoYm/CQpcXGKOkU K46Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=H4ljsj7QNV4egZkwUrRmt1QyDnsifwmzoA073tp35QM=; b=ZboJtaMvy65Av8v20M85yOAIrVU5KKx5NlPJ0jIz7GgG/lSl7izjaObzJP1epDRkt4 miBx+OVJP84KHlAPoHj3whv9wPtuwc6YbdmfanErzvDWAH1tq900oPaZaxaIumjIByqZ 1+U4SDGIKx8kws308ojSoGvoEEoZu74d9UXJWwoW1s5yXnWOPhu6Fv52zegD9Rr12v6V dJl3XrUANZg1CN/xqe6TgxvqTodpzrfBaI8EmeY3EPUivI8hXLL3PNUzOt5bx50NiyKq nsfw1z8iyPM0iAMlNwT+8zR0CGnVnpxGgmygxqJDmTjCWa+Hcsx7jni9I5/z+E0YHKUZ E47A==
X-Gm-Message-State: APjAAAVO9mAV7oUoSiRwp/XKhdrquyHHOIOYjmXuGZP1F+I4xzj96jN1 QvNBehAe4oGePnE03EEEmpp7a620qVFwJK3lbOHw2Q==
X-Google-Smtp-Source: APXvYqz2xkTyZg45bqpeLAPJ2iVc6c4n8ZX/i1IhIg/sWyyNQsvro60fpclo/mPc/KQas17n0TfAZdQ6G6bHpoRgtvo=
X-Received: by 2002:a17:906:2e53:: with SMTP id r19mr95423523eji.306.1578086044614; Fri, 03 Jan 2020 13:14:04 -0800 (PST)
MIME-Version: 1.0
References: <CALx6S36227JnMkaZtPUvJoY5Pw-rQgy2R6tqt1PF_L=bgCjxCA@mail.gmail.com> <85C8C994-3FEA-4DF4-8C46-75CB205D09EA@strayalpha.com>
In-Reply-To: <85C8C994-3FEA-4DF4-8C46-75CB205D09EA@strayalpha.com>
From: Tom Herbert <tom@herbertland.com>
Date: Fri, 03 Jan 2020 13:13:53 -0800
Message-ID: <CALx6S34EfhcthoG4Qtr0JtfsdqQPr-2=havTvq_7nh9K8XDhJA@mail.gmail.com>
To: Joe Touch <touch@strayalpha.com>
Cc: TSVWG <tsvwg@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/QmHWYm4ZUFYPAsAsZJVhVHpF14M>
Subject: Re: [tsvwg] Rregarding soft-state and UDP options
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Jan 2020 21:14:09 -0000

On Fri, Jan 3, 2020 at 12:42 PM Joe Touch <touch@strayalpha.com> wrote:
>
>
>
> > On Jan 3, 2020, at 12:19 PM, Tom Herbert <tom@herbertland.com> wrote:
> >
> > On Fri, Jan 3, 2020 at 11:37 AM Joe Touch <touch@strayalpha.com> wrote:
> >>
> >> Ps - and explain how to differentiate both required and mandatory for legacy receivers. Without frag+lite, because once you have that you’re done and don’t need the bit.
> >>
> > Joe,
> >
> > Options that cannot be ignored (required or mandatory) can ONLY be
> > sent in a frag+lite mode. The only options that can be sent without
> > frag+lite are ones that can safely be ignored by a receiver.
> >
> > When a legacy receiver receives a packet with an option that cannot be
> > ignored in the frag+lite mode, the receiver drops the packet by virtue
> > of the receiver not understanding the frag+lite mode (technically, the
> > receiver will accept the UDP packet with zero payload which presumably
> > leads to packet being effectively dropped without side effects). This
> > is the correct behavior with regards to an unrecognized option that
> > cannot be ignored and is covered by the first requirement.
> >
> > If a sender sends an option that cannot be ignored without using
> > frag+lite mode, then that is a protocol error caused by the sender
> > (i.e. an implementation bug). In this case the behavior at the
> > receiver is indeterminate.
>
> Right - that’s why the flag bit isn’t needed.
>
As Mike said: "the "drop if unrecognized" flag (or Option Kind
encoding rule) is proposed for the benefit of ***option aware***
receivers". If a receiver that supports UDP options sees an option
that cannot be ignored (indicated by the high order bit in the option
type) and doesn't recognize the option, then it MUST drop the packet.
This is the second requirement.

Tom

> >
> > Tom
> >
> >>> On Jan 3, 2020, at 11:30 AM, Joe Touch <touch@strayalpha.com> wrote:
> >>>
> >>> How about an example of any *deployed* *transport* option with this property?
> >>>
> >>> Joe
> >>>
> >>>>> On Jan 3, 2020, at 11:22 AM, Tom Herbert <tom@herbertland.com> wrote:
> >>>>>
> >>>>> On Fri, Jan 3, 2020 at 11:04 AM Joe Touch <touch@strayalpha.com> wrote:
> >>>>>
> >>>>> Tom,
> >>>>>
> >>>>> How about providing text of an example of any deployed transport option that modifies content (other than encryption, which is already handled). That was asked several IETFs ago and remains unanswered.
> >>>>>
> >>>>
> >>>> Joe,
> >>>>
> >>>> Payload compression for example. But, I think you're equating options
> >>>> that can't be ignored with options that modify the data. They are not
> >>>> the same thing, the latter is a proper subset of the first. An option
> >>>> cannot be ignored if it is required to be processed by the receiver
> >>>> for the packet to be correctly received. For instance, if someone were
> >>>> to put a virtual network identifier in an option then the option MUST
> >>>> processed or the packet MUST be dropped. If the receiver ignores the
> >>>> virtual network identifier and accepts the packet anyway it is
> >>>> breaking the isolation requirement of virtual networking.
> >>>>
> >>>> Tom
> >>>>
> >>>>> Joe
> >>>>>
> >>>>>> On Jan 3, 2020, at 8:07 AM, Tom Herbert <tom@herbertland.com> wrote:
> >>>>>>
> >>>>>> On Thu, Jan 2, 2020 at 8:21 PM Joe Touch <touch@strayalpha.com> wrote:
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>> On Jan 2, 2020, at 7:00 PM, C. M. Heard <heard@pobox.com> wrote:
> >>>>>>>
> >>>>>>>> On Thu, Jan 2, 2020 at 6:23 PM Joe Touch wrote:
> >>>>>>>>
> >>>>>>>> On Jan 2, 2020, at 6:03 PM, Tom Herbert wrote:
> >>>>>>>>> IPv6 options
> >>>>>>>>> solve this problem by the "drop if unrecognized" bit so no negotiation
> >>>>>>>>> is ever necessary.
> >>>>>>>>
> >>>>>>>> That is ONE way to solve things, but its hardly “solved" when nearly nobody uses it.
> >>>>>>>>
> >>>>>>>> But it’s also not relevant here because IPv6 baked that rule in from the start. We can’t - there’s NOTHING we can do to make a legacy receiver drop packets with unknown options, regardless of the flags per se. All we can do is design them so the options and data are invisible together, which LITE+FRAG already supports.
> >>>>>>>
> >>>>>>>
> >>>>>>> Joe, I think that you are missing an important point here, namely that the "drop if unrecognized" flag (or Option Kind encoding rule) is proposed for the benefit of ***option aware*** receivers, not for the benefit of legacy receivers.
> >>>>>>>
> >>>>>>>
> >>>>>>> FRAG+LITE already provides the behavior you want. The flag option fails to provide correct behavior for unidirectional or failed soft-state receivers - both of which are non-starters. A key requirement is that legacy receivers can silently ignore all options.
> >>>>>>
> >>>>>> Here is the necessary requirements and text:
> >>>>>>
> >>>>>> "
> >>>>>> Options that cannot be ignored by a receiver due to side effects or
> >>>>>> other requirements MAY be sent. An option that cannot be ignored is
> >>>>>> indicated by the high order of the option type being set to 1 (if the
> >>>>>> high order bit of the option type is 0 then the option can be safely
> >>>>>> ignored).
> >>>>>>
> >>>>>> If an option that cannot be ignored is received by a node that does
> >>>>>> not recognize the option then the packet MUST be dropped. The
> >>>>>> following requirements ensure this:
> >>>>>>
> >>>>>> - Options that cannot be ignored MUST NOT be sent in packets that do
> >>>>>> not use FRAG+LITE format. This prevents a legacy receiver from
> >>>>>> incorrectly ignoring an unknown option.
> >>>>>> - If an option is received with the high order bit of the bit of the
> >>>>>> option type set to 1 and the receiver does not recognize the option,
> >>>>>> then the packet MUST be dropped. This covers the case where a receiver
> >>>>>> that processes UDP options however doesn't support a particular
> >>>>>> received option that cannot be ignored.
> >>>>>> "
> >>>>>>
> >>>>>> This requirements yield a correct protocol for ALL CASES including
> >>>>>> unidirectional, failed soft-state receivers, multicast, NAT
> >>>>>> transitions, anycast, and simple unicast.
> >>>>>>
> >>>>>> Tom
> >>>>>>
> >>>>>>>
> >>>>>>> …
> >>>>>>>
> >>>>>>> I do agree in principle that use of FRAG+LITE (in a form that includes OCS over the entire surplus area) plus post-reassembly options addresses (a) and (b) of my message (though I still reserve the right to comment when I see the details).
> >>>>>>>
> >>>>>>>
> >>>>>>> AOK. And point taken that the soft state section needs clarification.
> >>>>>>>
> >>>>>>> Joe
> >>>>>>
> >>>>>
> >>>
> >>
>

v2.23.0 | Report a Bug | By Email